new phishing scheme
- chas
- Posts: 7707
- Joined: Wed Oct 10, 2001 6:00 pm
- antispam: No
- Please enter the next number in sequence: 10
- Location: East Coast US
new phishing scheme
I just got a new kind of phishing email. It's a faux receipt from paypal, with a delivery address in my old hometown! (This was a little startling, because my car was broken into a couple of weeks ago, and I was just home for Thanksgiving.) So the phishers have gone to new lengths, writing routines to match last names up with towns. I find it very creepy.
If you get something like this, there are a couple of giveaways. The one that I got was actually an image, but the messages from paypal (and presumably other companies) are text. The real giveaway, though, is if you put your cursor over the "dispute this charge" or "login" links, the address that appears isn't a paypal.com address (at least it works this way on Macs).
If you get something like this, there are a couple of giveaways. The one that I got was actually an image, but the messages from paypal (and presumably other companies) are text. The real giveaway, though, is if you put your cursor over the "dispute this charge" or "login" links, the address that appears isn't a paypal.com address (at least it works this way on Macs).
Charlie
Whorfin Woods
"Our work puts heavy metal where it belongs -- as a music genre and not a pollutant in drinking water." -- Prof Ali Miserez.
Whorfin Woods
"Our work puts heavy metal where it belongs -- as a music genre and not a pollutant in drinking water." -- Prof Ali Miserez.
- Wormdiet
- Posts: 2575
- Joined: Mon Jan 31, 2005 10:17 pm
- Please enter the next number in sequence: 1
- Location: GreenSliabhs
Re: new phishing scheme
I have been getting similar messages from "EBay." The tipoff?chas wrote:I just got a new kind of phishing email. It's a faux receipt from paypal, with a delivery address in my old hometown! (This was a little startling, because my car was broken into a couple of weeks ago, and I was just home for Thanksgiving.) So the phishers have gone to new lengths, writing routines to match last names up with towns. I find it very creepy.
If you get something like this, there are a couple of giveaways. The one that I got was actually an image, but the messages from paypal (and presumably other companies) are text. The real giveaway, though, is if you put your cursor over the "dispute this charge" or "login" links, the address that appears isn't a paypal.com address (at least it works this way on Macs).
I don't actually have an Ebay account!
OOOXXO
Doing it backwards since 2005.
Doing it backwards since 2005.
- Bloomfield
- Posts: 8225
- Joined: Mon Oct 15, 2001 6:00 pm
- antispam: No
- Please enter the next number in sequence: 8
- Location: Location: Location:
That's just so sad and horrible. People trying to take advantage of you. Hate that.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
/Bloomfield
- BrassBlower
- Posts: 2224
- Joined: Mon Jan 14, 2002 6:00 pm
- antispam: No
- Please enter the next number in sequence: 8
- Location: Fly-Over Country
Bloomfield wrote:That's just so sad and horrible. People trying to take advantage of you. Hate that.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
https://www.facebook.com/4StringFantasy
I do not feel obliged to believe that that same God who has endowed us with sense, reason, and intellect has intended us to forgo their use.
-Galileo
I do not feel obliged to believe that that same God who has endowed us with sense, reason, and intellect has intended us to forgo their use.
-Galileo
- Cynth
- Posts: 6703
- Joined: Tue Nov 30, 2004 4:58 pm
- Please enter the next number in sequence: 1
- Location: Iowa, USA
Okay, I think I'm learning because this sounds phishy to me!Bloomfield wrote:That's just so sad and horrible. People trying to take advantage of you. Hate that.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
Diligentia maximum etiam mediocris ingeni subsidium. ~ Diligence is a very great help even to a mediocre intelligence.----Seneca
He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.Cynth wrote:Okay, I think I'm learning because this sounds phishy to me!Bloomfield wrote:That's just so sad and horrible. People trying to take advantage of you. Hate that.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
- TonyHiggins
- Posts: 2996
- Joined: Tue Jun 26, 2001 6:00 pm
- Please enter the next number in sequence: 1
- Location: SF East Bay, CA
- Contact:
I don't know if they do much with the info, but paypal asks you to forward these emails to them for investigation.
Tony
Tony
http://tinwhistletunes.com/clipssnip/newspage.htm Officially, the government uses the term “flap,” describing it as “a condition, a situation or a state of being, of a group of persons, characterized by an advanced degree of confusion that has not quite reached panic proportions.”
- Cynth
- Posts: 6703
- Joined: Tue Nov 30, 2004 4:58 pm
- Please enter the next number in sequence: 1
- Location: Iowa, USA
But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.Lambchop wrote:He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.Cynth wrote:Okay, I think I'm learning because this sounds phishy to me!Bloomfield wrote:That's just so sad and horrible. People trying to take advantage of you. Hate that.
I've had some bad experiences with phishing, and so I've had to develop some expertise in recognizing these spoof emails. If you get one that might be suspicious, I'll be happy to take a look for you. Simply forward the email to me (bloomfield AT the-spa.com) along with your full name, credit card number, expiration date, three-digit security code on the back of the card, social security number, and billing address. I'll let you know if the email was from phishers.
Diligentia maximum etiam mediocris ingeni subsidium. ~ Diligence is a very great help even to a mediocre intelligence.----Seneca
- Bloomfield
- Posts: 8225
- Joined: Mon Oct 15, 2001 6:00 pm
- antispam: No
- Please enter the next number in sequence: 8
- Location: Location: Location:
It's information you should never send to phishers. Sending it to Bloomphield is okay.Cynth wrote:But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.Lambchop wrote:He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.Cynth wrote: Okay, I think I'm learning because this sounds phishy to me!
P.S.
About my email being "@the-spa.com": I am always sitting in a hot tub with Gin, Tonic, Clara & Angelique when checking emails, that's all.
/Bloomfield
-
- Posts: 2258
- Joined: Thu Jul 26, 2001 6:00 pm
- Please enter the next number in sequence: 1
- Location: Nashville, TN
- Contact:
The trick is that you just never click on anything in emails. If you get something from ebay or paypal you might think is legit, type in the homepage for them into your browser and log in from there.
<i>The very powerful and the very stupid have one thing in common. They don't alter their views to fit the facts. They alter the facts to fit their views. Which can be uncomfortable if you happen to be one of the facts that needs altering.</i>
- rebl_rn
- Posts: 810
- Joined: Tue Jun 26, 2001 6:00 pm
- antispam: No
- Location: Southeastern Wisconsin
- Contact:
I don't know how much they actually do with it either, but I did forward a phishy email I got to them and a few days later got a reply from them saying thanks for sending it and yep, it wasn't from us.TonyHiggins wrote:I don't know if they do much with the info, but paypal asks you to forward these emails to them for investigation.
Tony
Wash your hands. Cough and sneeze in your sleeve. Stay home if you are sick. Stay informed. http://www.cdc.gov/swineflu for more info.
It only looks that way, Cynth. It's just like those calls you get from bank detectives investigating crimes. You know, the ones who need your account number and pin number and all so they can catch the criminal in the act with it.Cynth wrote:But Lamby, isn't this the very info you should never send to someone? And his email is at a spa. Who knows where it is, probably Ibiza or something.Lambchop wrote:He needs that information to check on the phishers. Otherwise, he wouldn't know anything about the account they're phishing for and he couldn't tell if it was phishing or not.Cynth wrote: Okay, I think I'm learning because this sounds phishy to me!
We have spas here, and that's how I know about them. They're verrrrry nice! They won't let people in there unless they have lots of money. When you think about it, it's really a good deed Bloomie is doing, since he's having to take time away from all those mineral soaks and massages. Most people, after spending that kind of money, wouldn't give you the time of day. Not our Bloomie!
- Cynth
- Posts: 6703
- Joined: Tue Nov 30, 2004 4:58 pm
- Please enter the next number in sequence: 1
- Location: Iowa, USA
You know, just as a brief detour. I read, and now cannot find, some very scary safety information about hot tubs. I knew you weren't supposed to drink (are you listening, Bloomfield?) while you were in the hot tub. But apparently some have unsafe drains, which are extremely powerful, and people have been killed by them. Their hair or other body parts get sucked into them. I wish I could find the website, but it said that two people had actually been disemboweled! There are special safe drain caps apparently. I would never go in a hot tub.
Oh, I just found it.http://www.cpsc.gov/cpscpub/pubs/5112.html
Hair Entanglement -- Since 1990, CPSC has reports of 43 incidents (including 12 deaths) in which people's hair was sucked into the suction fitting of a spa, hot tub, or whirlpool, causing the victim's head to be held under water. Hair entanglement occurs when a bather's hair becomes entangled in a drain cover as the water and hair are drawn through the drain. In some incidents, children were playing a "hold your breath the longest" game. Permitting their long hair to be sucked into the drain. CPSC helped develop a voluntary standard for drain covers that helps reduce the risk of hair entrapment. Consumers should be sure they have new drain covers that meet this standard. If you are not sure, call a pool or spa professional to check the spa. Never allow a child to play in a way that could permit the child's hair to come near the drain cover. If a drain cover is missing or broken, shut down the spa until the cover is replaced.
Bodypart Entrapment -- CPSC knows of 74 incidents since 1990 in which parts of the body have been entrapped by the strong suction of the drain of pools, wad-ing pools, spas, and hot tubs. Of these, two resulted in dis-embowelment and 13 other people died. CPSC helped develop a standard requiring dome-shaped drain outlets and two outlets for each pump. This reduces the powerful suction if one drain is blocked. Consumers with older spas should have new drain covers installed and may want to consider getting a spa with two drains.
Oh, I just found it.http://www.cpsc.gov/cpscpub/pubs/5112.html
Hair Entanglement -- Since 1990, CPSC has reports of 43 incidents (including 12 deaths) in which people's hair was sucked into the suction fitting of a spa, hot tub, or whirlpool, causing the victim's head to be held under water. Hair entanglement occurs when a bather's hair becomes entangled in a drain cover as the water and hair are drawn through the drain. In some incidents, children were playing a "hold your breath the longest" game. Permitting their long hair to be sucked into the drain. CPSC helped develop a voluntary standard for drain covers that helps reduce the risk of hair entrapment. Consumers should be sure they have new drain covers that meet this standard. If you are not sure, call a pool or spa professional to check the spa. Never allow a child to play in a way that could permit the child's hair to come near the drain cover. If a drain cover is missing or broken, shut down the spa until the cover is replaced.
Bodypart Entrapment -- CPSC knows of 74 incidents since 1990 in which parts of the body have been entrapped by the strong suction of the drain of pools, wad-ing pools, spas, and hot tubs. Of these, two resulted in dis-embowelment and 13 other people died. CPSC helped develop a standard requiring dome-shaped drain outlets and two outlets for each pump. This reduces the powerful suction if one drain is blocked. Consumers with older spas should have new drain covers installed and may want to consider getting a spa with two drains.
Diligentia maximum etiam mediocris ingeni subsidium. ~ Diligence is a very great help even to a mediocre intelligence.----Seneca